๐Ÿ” CVE Alert

CVE-2025-55887

MEDIUM 6.1
CVSS Score
6.1
EPSS Score
0.0%
EPSS Percentile
0th

Cross-Site Scripting (XSS) vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that is executed in the context of a user s browser. This can lead to session hijacking, theft of cookies, and other malicious actions performed on behalf of the victim.

Vendor n/a
Product n/a
Published Sep 22, 2025
Last Updated Jul 5, 2026
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new medium vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
ard.com: http://ard.com services.ard.fr: https://services.ard.fr/index.php github.com: https://github.com/0xZeroSec/CVE-2025-55887